i've seen many article on encrypt/decrypt of file and typically a button is used to choose the file for encrypt and another button to decrypt the file.
i've seen some application like truecrypt and probably others which does file encryption on-the-fly with transparent. this means that when a encrypted file is clicked to access, it will automatically decrypt and play/open the file. then when the file is closed, it will automatically encrypt again.
some have said that the only way to detect file open is through file system filter.
but is there other ways to do this in c# compact framework?
You could give all the encrypted files a specific file extension which is handled by your decryption program, then when the user opens the file, your program would decrypt it and then open it in the correct application.
I think I understand your question. You don't control the programs which display the files, you want to just control the encryption anddecryption of the files behind the scenes without the program knowing it even happened (like a .docx file, would be encrypted and decrypted without Word knowing it). I think you should look into WMI. I haven't specifically used it to check for system events having to do with files being retrieved or saved but I have used it to hook into system events and set off code at certain times very effectively. Here is the MSDN reference:
WMI Reference
I would look into the __Instance Events. Like the __InstanceModificationEvent class for file save events to the IO:
__InstanceModificationEvent Reference
Hope this get you onto the right track!
I answered this in the MS Foums. You have to write a file system filter and that filter can only be written in C.
Related
In my C# windows application (using visual C# 2012 if you need to know) I need to add things to listboxes and save the items so when the program closes they stay there next time it opens. I would prefer not using the settings to store the information.
Some more things I need for this. Saving them to a text file can't happen either. It needs to be saved in a way that it can not be edited outside of the program.
Sorry but its not possible. Anything that you save can be modified by another program.
You could sign the saved data and then detect that some other has modified the data, but you cannot prevent other programs from read/changing the data.
EDIT
DPAPI can be used to encrypt/decrypt the data. See Really simple encryption with C# and SymmetricAlgorithm
Set up SQL on a web server.
Save the info to your web server.
They can't modify data on a remote server, so I think a database is the way to go.
If you are the only person using that program... I mean... if you are the only one that knows what the program is doing, you could go for saving data in binary format into binary files. I doubt that someone looking at your files will say "Oh damn there is a .bin file in this directory! I have to find a way to discover how to read it and what's it's content!".
As long as you keep your program and its sources protected... I doubt someone will get something out of that content. You transform all your data into a Byte[], you compress it, you encrypt it and you write in a file. Bye bye.
Say you have a method or property on a third party sealed component that expects a file name. You do not have the source for the third party component. You want that component to do what it's supposed to do (read only) on a file you have, but your file is encrypted on disk and you only want the decrypted version in memory so it cannot be easily copied in its plain form.
Is it possible to create a wrapper or some other approach to trick the component to think it's reading from a file when it's actually reading from a MemoryStream? Or is it totally impossible? Can it be done outside .NET in native Windows code?
Thanks
You can't do that the way that you are proposing, no. My recommendation would be to use the Encrypting Filesystem functionality built into windows. That way the file is stored in encrypted form on disk, but is available via the normal IO methods to the application (provided that the account that is running the application has access to the file).
Can it read from "CON" as input (like many text utilities grep/findstr, more,...)? In this case you can try to redirect input/output stream and feed results thata way.
Is it possible to create a wrapper or some other approach to trick the
component to think it's reading from a file when it's actually reading
from a MemoryStream?
No, sorry. You will have to decrypt the file into a temporary file and then pass this temporary file to the plugin. Once it finishes its work delete the temporary file.
This short answer is if a component is expecting a filename e.g. a string you can not parse it a memory stream.
However if the file is encrypted with Encrypting File System (EFS) or something native to Windows it may be able to decrypt the file without knowing the file is encrypted.
These might help:
http://en.wikipedia.org/wiki/Encrypting_File_System
http://en.wikipedia.org/wiki/BitLocker_Drive_Encryption
You could have a look at Dokan. I haven't tried it, but it's a way of creating a virtual file system in .Net.
You can create an in-memory disk drive (either in code or by using third-party application) and put a file there. Another approach is to implement virtual file system and handle all file requests. Both approaches are possible for example using our Virtual Storage products.
Also, I don't know about .NET in particular, but in Windows you can hook API functions and substitute certain operations (including file operations). There even exist components for this, but, again, I don't know if they offer their functionality for .NET.
Is it possible to encrypt a Zip file? I know encryption is used to make .txt files unreadable until decrypted with a key. Although I want to do the same with a .zip file.
I have multiple files I want users to download from the internet through my program I'm creating, so I thought I'll compress them files in a .zip and then encrypt the Zip for added security. (I don't want users to access the file within the .zip without a serial code)
I was going to keep the 'serial key' in a database online which the program would get.
Am going about this in the wrong way?
Both DotNetZip and SharpZipLib support encrypting the contents of zips and are free.
Use the dotnetzip library to perform your zipping/unzipping operations.
It supports AES encryption. From the website:
The library supports zip passwords, Unicode, ZIP64, stream input and output, AES encryption, multiple compression levels, self-extracting archives, spanned archives, and more.
Yes you can use third party zip libraries as shown by other answers, but keep in mind that your method of protecting files is rudimentary... it would not be terribly difficult to observe your program operating and recover the files after your program helpfully decrypts them. If you are storing the key as a constant in the program, that is pretty trivial to extract as well.
Software protection is a complex field, and it's very difficult to prevent determined users from viewing data that is stored on systems they control. Commercial software goes to great lengths to prevent this, and the solutions are quite complicated. (e.g. try hooking a debugger to Skype and see what happens)
I have a table in the database containing "files".
I don't know their filetype.
I need to export some stuff (including these files) and be able to import them into the same application.
So I was thinking about saving the byte array as data.dat (unknown extension).
and when importing just making a byte array from that file and putting it back into the database.
Will this work?
Yes, file extensions are only a clue as to the format/purpose of the file, but don't really mean anything.
From the computer's point of view it doesn't care at all what a file is called (Windows just uses them to associate applications with their files so you can open them by double-clicking).
The extension doesn't influence on the data itself, just the app that will be launched by default when you double-click on it. Yes, it will work.
Just be aware that you should validate the file when importing it to your app.
What is the best way to automate the encryption of my c#.net application configuration file without interfering with the normal operations of the application?
Here is Microsoft's recommendation.
Don't encrypt the whole file, obviously. Just encrypt sensitive data like DB connection strings.
You should consider encrypting only the /configuration/appSettings/add[#value] parts.
Use your favorite System.Security.Cryptography class.
Don't forget that this is a text file so convert binary to hex (e.g. \n => 0A)
If you create seperate functions to encrypt and decrypt a file, as explained here, rather than trying to incorproate it into the existing routines, then you can simply call the decryption routine before loading the file (i.e. at the top of the "Load" function) and call the encryption routine after saving it (i.e. just before returning from the "Save" function).